I have build Joomla 3 website in the past and that one is taken offline in around 2020. Now I want to get locally up & running to check a few things.
I thought that I have account of the super user in my keepass, but not or...
I've been googling and I know it is not possible to encode the password.
The existing passwords in the database prefix__users are 34 characters long and they all starts with "$P$...".
I find via the manifest.xml that it was Joomla version 3.9.16. So I have download that version installed locally met a super user with password secret and I thought that password straight into the database. In my opinion it should have the password 'secret'.
But I'm suprised the hased password is much longer "$2y$10$M98YfT4YpBz1fB1xEwiKwu/PvZ9peXjadobSW.qnpJCf1Scz71nCm"
Is that due that that side is probably started with Joomla 2.5, and that uses another hash function, because If I look in the file passwordhash.php you have there the method gensalt_private which is building an hash starting with '$P$'.
I'm also looking to put that function in php file and just run that with echoing the result. But till now not very successfull.
Or is there another 'simple' way to get an known hashed password?
I thought that I have account of the super user in my keepass, but not or...
I've been googling and I know it is not possible to encode the password.
The existing passwords in the database prefix__users are 34 characters long and they all starts with "$P$...".
I find via the manifest.xml that it was Joomla version 3.9.16. So I have download that version installed locally met a super user with password secret and I thought that password straight into the database. In my opinion it should have the password 'secret'.
But I'm suprised the hased password is much longer "$2y$10$M98YfT4YpBz1fB1xEwiKwu/PvZ9peXjadobSW.qnpJCf1Scz71nCm"
Is that due that that side is probably started with Joomla 2.5, and that uses another hash function, because If I look in the file passwordhash.php you have there the method gensalt_private which is building an hash starting with '$P$'.
I'm also looking to put that function in php file and just run that with echoing the result. But till now not very successfull.
Or is there another 'simple' way to get an known hashed password?
Statistics: Posted by nkamp — Sat Jan 04, 2025 4:06 pm